Tag Info

If you want to use curl, this should work:
curl -D - https://www.google.com/
Note, however, that this is not exactly the raw response. For instance chunked transfer encoding will not be visible in the response. Using --raw solves this, also verbose mode (-v) is useful, too and -i shows the headers before the response body:
curl -iv --raw ...

Try mitmproxy.
mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.
mitmdump is the command-line version of mitmproxy, with the same functionality but without the user interface. Think tcpdump for HTTP.
Features
Intercept HTTP requests and ...

As I said in a comment, the netrw plugin, which handles http://, doesn't handle https:// (this from looking at the plugin code). I went into the code and got https:// working (no guarantees it's bug-free, but it worked for the couple sites I tried). I've created a pair of patches, for netrw.vim and netrwPlugin.vim. Here's how to apply them, keeping the ...

Your assumption is wrong: you can use HTTPS downloads. You just have to find a mirror that supports it, and put its URL in your list of sources. You'll need to install the apt-transport-https package.
Debian doesn't make HTTPS downloads easy because there is very little benefit. Debian package distribution already includes a mechanism to verify packages: ...

There is. You need to install the package apt-transport-https. Then you can use lines like
deb https://some.server.com/debian stable main
in your sources.list file. But usually that's not necessary, since the entire content is public anyway and it adds encryption overhead and latency. Since you don't trust an attackers public key, even http traffic is ...

What you are looking for is called Mutual SSL Authentication.
In the case of a commonly deployed web server as Apache, and an also commonly deployed SSL/TLS implementation as OpenSSL, the steps would be as follows:
There is a handy script distributed alongside openssl, CA.sh to do most of this stuff. Its location is distribution specific. In Debian and ...

What you are asking for is called a proxy http server.
The software receives http requests and passes them on or rejects them (logging too) It needn't sit on your embeded device, however your device would need to be configured to access the proxy instead of going directly to the internet.
apache nginx are two examples of web servers that can act as proxy ...

I mailed the author (drchip) here is his answer :
Hello,
Netrw v144b already supports https (you may get it from
http://drchip.0sites.net/astronaut/vim/index.html#NETRW).
Thank you, Charles Campbell
The website has since moved and can currently be found at http://www.drchip.org/astronaut/vim/index.html#NETRW
To install it, I just had to ...

Okay so I solved this myself. Unfortunately most of the common documentation on the internet says "As your host to request the CSR". Of course my host is myself so I had to register the code myself on my server.
I established a SSH connection to my server and ran the following command.
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out ...

You want to block any and all HTTPS sites? You need to do this with a firewall on your router. Blocking it in Squid won't prevent people from circumventing it unless the firewall on your router also blocks it. If your router blocks it than what squid does is irrelevant. Better yet, set the firewall to block all outgoing TCP connections except for port 80 ...

No. You can't know it's a HTTPS handshake until the connection is open. At that point, it's too late to redirect it. The SYN packet doesn't tell you what's going to be transmitted; that's why we have port numbers to begin with.

Use wget or curl, see the examples:
wget https://blog.httpwatch.com/wp-content/uploads/2011/01/firefox-https-cache2.png
Or:
curl -o file.png https://blog.httpwatch.com/wp-content/uploads/2011/01/firefox-https-cache2.png
Both applications are highy configurable and adjustable and are meant to use in automated scripts.

I downloaded the linked image with
wget https://blog.httpwatch.com/wp-content/uploads/2011/01/firefox-https-cache2.png
Is this what you want?
Suppose that you wanted to download many files (e.g. *-cache1,2,3,4,5,6,7,8,9.png). Then you could do something like:
for i in {1..9}; do
wget ...

If you continue to run the 2nd Apache server on ports 8080 and 8081 you can do any of the following:
Setup a reverse proxy using the 1st server on port 80 which will forward any traffic that comes into https://my_host.no-ip.org/owncloud.
Do a 301 forward for any traffic that comes into https://my_host.no-ip.org/owncloud to https://my_host.no-ip.org:8081/.
...

Any reason why in the https section you send everything under /blog/admin to FastCGI? Why not make a rule specific to *.php like you have in the http section?
In other words, under http you have:
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
}
...

When running apt-get update for a https mirror without apt-transport-https installed, you probably invalidated your cached (sources) data, as a side effect invalidating the signatures - this should fix itself after running "apt-get update" again (you might have to revert to a non-https mirror temporarily).

Firefox works after a clean installation. If certificate database in cert8.db is deleted, it is regenerated on next Firefox start. This strongly suggests that there is a system-wide default storage of CA certs.
Firefox's source code shows that built-in CA certs are in fact hard-coded into firefox executable. They reside in ...

Is this expected behavior that is somehow dictated by the HTTPS connection or are those connections suspect? Should I ACCEPT NEW connections as well?
No it's not, yes they are, and no you shouldn't. Your server should not initiate new connections; it should accept incoming ones and respond on the session that is already open. If you were to allow your ...

What @stuart-p-bentley wrote got me thinking and I came up with this way of getting a comma delimited list of "Subject Alternative Names" using openssl, awk and tr. The sed line in his answer does not work on FreeBSD per example.
openssl s_client -connect google.com:443 2>&1 | openssl x509 -text | awk '/X509v3 Subject Alternative Name/ ...

This has nothing to do with apache. Your http service and your https service are on different ports, and this port is specified in the TCP/IP header by the client. Apache is not making an arbitrary choice, it is just doing what it is supposed to do in response to a specific request made on a specific port.
In other words, it is your net client (the ...

Go to Finder -> Connect to Server... ⌘K
Enter https://192.168.0.3/webdav_transfer as "Server address"
Respond to the Username/Password challenge as "domainA\username" for username.
If that doesn't work, see http://wiki.zimbra.com/wiki/WebDAV for possible reasons; you may be out of luck without admin access to the WebDAV server.